Where to find 70 411 dumps

Our pass rate is high to 98.9% and the similarity percentage between our exam ref 70 411 study guide and real exam is 90% based on our seven-year educating experience. Do you want achievements in the Microsoft 70 411 exam exam in just one try? I am currently studying for the Microsoft 70 411 exam dumps pdf exam. Latest Microsoft 70 411 exam questions Test exam practice questions and answers, Try Microsoft exam ref 70 411 Brain Dumps First.

Q71. You have a DNS server that runs Windows Server 2012 R2. The server hosts the zone for contoso.com and is accessible from the Internet. 

You need to create a DNS record for the Sender Policy Framework (SPF) to list the hosts that are authorized to send email for contoso.com. 

Which type of record should you create? 

A. mail exchanger (MX) 

B. resource record signature (RRSIG) 

C. text (TXT) 

D. name server (NS) 

Answer:


Q72. Your network contains an Active Directory domain named adatum.com. All domain controllers run Windows Server 2012 R2. The domain contains a virtual machine named DC2. 

On DC2, you run Get-ADDCCIoningExcludedApplicationList and receive the output shown in the following table. 

You need to ensure that you can clone DC2. 

Which two actions should you perform? (Each correct answer presents part of the solution. Choose two.) 

A. Option A 

B. Option B 

C. Option C 

D. Option D 

E. Option E 

Answer: A,E 

Explanation: 

Because domain controllers provide a distributed environment, you could not safely clone an Active Directory domain controller in the past. 

Before, if you cloned any server, the server would end up with the same domain or forest, which is unsupported with the same domain or forest. You would then have to run sysprep, which would remove the unique security information before cloning and then promote a domain controller manually. When you clone a domain controller, you perform safe cloning, which a cloned domain controller automatically runs a subset of the sysprep process and promotes the server to a domain controller automatically. 

The four primary steps to deploy a cloned virtualized domain controller are as follows: 

. Grant the source virtualized domain controller the permission to be cloned by 

adding the source virtualized domain controller to the Cloneable Domain 

Controllers group. 

. Run Get-ADDCCloningExcludedApplicationListcmdlet in Windows PowerShell to determine which services and applications on the domain controller are not compatible with the cloning. 

. Run New-ADDCCloneConfigFile to create the clone configuration file, which is stored in the C:\Windows\NTDS. 

. In Hyper-V, export and then import the virtual machine of the source domain controller. 

Run Get-ADDCCloningExcludedApplicationListcmdlet In this procedure, run the Get-ADDCCloningExcludedApplicationListcmdlet on the source virtualized domain controller to identify any programs or services that are not evaluated for cloning. You need to run the Get-ADDCCloningExcludedApplicationListcmdlet before the New-ADDCCloneConfigFilecmdlet because if the New-ADDCCloneConfigFilecmdlet detects an excluded application, it will not create a DCCloneConfig.xml file. To identify applications or services that run on a source domain controller which have not been evaluated for cloning. 

Get-ADDCCloningExcludedApplicationList 

Get-ADDCCloningExcludedApplicationList -GenerateXml 

The clone domain controller will be located in the same site as the source domain controller unless a different site is specified in the DCCloneConfig.xml file. 

Note: 

. The Get-ADDCCloningExcludedApplicationListcmdlet searches the local domain controller for programs and services in the installed programs database, the services control manager that are not specified in the default and user defined inclusion list. The applications in the resulting list can be added to the user defined exclusion list if they are determined to support cloning. If the applications are not cloneable, they should be removed from the source domain controller before the clone media is created. Any application that appears in cmdlet output and is not included in the user defined inclusion list will force cloning to fail. 

. The Get-ADDCCloningExcludedApplicationListcmdlet needs to be run before the New- ADDCCloneConfigFilecmdlet is used because if the New-ADDCCloneConfigFilecmdlet detects an excluded application, it will not create a DCCloneConfig.xml file. 

. DCCloneConfig.xml is an XML configuration file that contains all of the settings the cloned DC will take when it boots. This includes network settings, DNS, WINS, AD site name, new DC name and more. This file can be generated in a few different ways. 

The New-ADDCCloneConfigcmdlet in PowerShell 

By hand with an XML editor 

By editing an existing config file, again with an XML editor (Notepad is not an XML editor.) 

You can populate the XML file. . . . . doesn't need to be empty. . . . . 

References: http: //technet. microsoft. com/en-us/library/hh831734. aspx 

http: //blogs. dirteam. com/blogs/sanderberkouwer/archive/2012/09/10/new-features-in-active-directory-domain-services-in-windows-server-2012-part-13-domain-controller-cloning. aspx 


Q73. Your network contains multiple Active Directory sites. 

You have a Distributed File System (DFS) namespace that has a folder target in each site. 

You discover that some client computers connect to DFS targets in other sites. 

You need to ensure that the client computers only connect to a DFS target in their respective site. 

What should you modify? 

A. The properties of the Active Directory sites 

B. The properties of the Active Directory site links 

C. The delegation settings of the namespace 

D. The referral settings of the namespace 

Answer:

Reference: 

http://www.windowsnetworking.com/articles_tutorials/Configuring-DFS-Namespaces.html 


Q74. You have a server named Server1 that runs Windows Server 2012 R2. 

On Server1, you configure a custom Data Collector Set (DCS) named DCS1. DCS1 is configured to store performance log data in C:\Logs. 

You need to ensure that the contents of C:\Logs are deleted automatically when the folder reaches 100 MB in size. 

What should you configure? 

A. A File Server Resource Manager (FSRM) file screen on the C:\Logs folder 

B. The Data Manager settings of DCS1 

C. A schedule for DCS1 

D. A File Server Resource Manager (FSRM) quota on the C:\Logs folder 

Answer:

Explanation: 

To configure data management for a Data Collector Set 

1. In Windows Performance Monitor, expand Data Collector Sets and click User Defined. 

2. In the console pane, right-click the name of the Data Collector Set that you want to configure and click Data Manager. 

3. On the Data Manager tab, you can accept the default values or make changes according to your data retention policy. See the table below for details on each option. When Minimum free disk or Maximum folders is selected, previous data will be deleted according to the Resource policy you choose (Delete largest or Delete oldest) when the limit is reached. When Apply policy before the data collector set starts is selected, previous data will be deleted according to your selections before the data collector set creates its next log file. When Maximum root path size is selected, previous data will be deleted according to your selections when the root log folder size limit is reached. 

4. Click the Actions tab. You can accept the default values or make changes. See the table below for details on each option. 

5. When you have finished making your changes, click OK. 


Q75. Your network contains an Active Directory domain named contoso.com. The domain contains two member servers named Server1 and Server2. All servers run Windows Server 2012 R2. 

Server1 and Server2 are nodes in a Hyper-V cluster named Cluster1. Cluster1 hosts 10 virtual machines. All of the virtual machines run Windows Server 2012 R2 and are members of the domain. 

You need to ensure that the first time a service named Service1 fails on a virtual machine, the virtual machine is moved to a different node. 

You configure Service1 to be monitored from Failover Cluster Manager. 

What should you configure on the virtual machine? 

A. From the General settings, modify the Startup type. 

B. From the General settings, modify the Service status. 

C. From the Recovery settings of Service1, set the First failure recovery action to Take No Action. 

D. From the Recovery settings of Service1, set the First failure recovery action to Restart the Service. 

Answer:

Explanation: 

Configure the virtual machine to take no action through Hyper-V if the physical computer shuts down by modifying the Automatic Stop Action setting to None. Virtual machine state must be managed through the Failover Clustering feature. 

Virtual machine application monitoring and management 

In clusters running Windows Server 2012, administrators can monitor services on clustered virtual machines that are also running Windows Server 2012. This functionality extends the high-level monitoring of virtual machines that is implemented in Windows Server 2008 R2 failover clusters. If a monitored service in a virtual machine fails, the service can be restarted, or the clustered virtual machine can be restarted or moved to another node (depending on service restart settings and cluster failover settings). This feature increases the uptime of high availability services that are running on virtual machines within a failover cluster. 

Windows Server 2012 Failover Cluster introduces a new capability for Hyper-V virtual machines (VMs), which is a basic monitoring of a service within the VM which causes the VM to be rebooted should the monitored service fail three times. For this feature to work the following must be configured: 

. Both the Hyper-V servers must be Windows Server 2012 and the guest OS 

running in the VM must be Windows Server 2012. 

. The host and guest OSs are in the same or at least trusting domains. 

. The Failover Cluster administrator must be a member of the local administrator's group inside the VM. Ensure the service being monitored is set to Take No Action (see screen shot below) within the guest VM for Subsequent failures (which is used after the first and second failures) and is set via the Recovery tab of the service properties within the Services application (services. msc). 

Within the guest VM, ensure the Virtual Machine Monitoring firewall exception is enabled for the Domain network by using the Windows Firewall with Advanced Security application or by using the Windows PowerShell command below: Set-NetFirewallRule -DisplayGroup "Virtual Machine Monitoring" -Enabled True. 

After the above is true, enabling the monitoring is a simple process: Launch the Failover Cluster Manager tool. Navigate to the cluster - Roles. Right click on the virtual machine role you wish to enable monitoring for and under More Actions select Configure Monitoring. 

. The services running inside the VM will be gathered and check the box for the services that should be monitored and click OK. 

You are done! 

Monitoring can also be enabled using the Add-ClusterVMMonitoredItemcmdlet and -VirtualMachine, with the -Service parameters, as the example below shows: PS C:\Windows\system32> Add-ClusterVMMonitoredItem -VirtualMachine savdaltst01 -Service spooler 

References: 

http: //sportstoday. us/technology/windows-server-2012---continuous-availability-%28part-4%29---failover-clustering-enhancements---virtual-machine-monitoring-. aspx 

http: //windowsitpro. com/windows-server-2012/enable-windows-server-2012-failover-cluster-hyper-v-vm-monitoring 

http: //technet. microsoft. com/en-us/library/cc742396. aspx 


Q76. DRAG DROP 

You have a WIM file that contains an image of Windows Server 2012 R2. 

Recently, a technician applied a Microsoft Standalone Update Package (MSU) to the image. 

You need to remove the MSU package from the image. 

Which three actions should you perform in sequence? To answer, move the appropriate three actions from the list of actions to the answer area and arrange them in the correct order. 

Answer: 


Q77. Your network contains an Active Directory domain named contoso.com. All domain controllers run Windows Server 2012 R2. 

In a remote site, a support technician installs a server named DC10 that runs Windows Server 2012 R2. DC10 is currently a member of a workgroup. 

You plan to promote DC10 to a read-only domain controller (RODC). 

You need to ensure that a user named Contoso\User1 can promote DC10 to a RODC in the contoso.com domain. The solution must minimize the number of permissions assigned to User1. 

What should you do? 

A. From Active Directory Users and Computers, run the Delegation of Control Wizard on the contoso.com domain object. 

B. From Active Directory Administrative Center, pre-create an RODC computer account. 

C. From Ntdsutil, run the local roles command. 

D. Join DC10 to the domain. Run dsmod and specify the /server switch. 

Answer:

Explanation: 

A staged read only domain controller (RODC) installation works in two discrete phases: 

1. Staging an unoccupied computer account 

2. Attaching an RODC to that account during promotion 

Reference: Install a Windows Server 2012 R2 Active Directory Read-Only Domain Controller (RODC) 


Q78. Your network contains an Active Directory domain named contoso.com. All domain controllers run Windows Server 2012 R2. 

An organizational unit (OU) named OU1 contains 200 client computers that run Windows 8 Enterprise. A Group Policy object (GPO) named GPO1 is linked to OU1. 

You make a change to GPO1. 

You need to force all of the computers in OU1 to refresh their Group Policy settings immediately. The solution must minimize administrative effort. 

Which tool should you use? 

A. The Secedit command 

B. The Invoke-GpUpdate cmdlet 

C. Group Policy Object Editor 

D. Server Manager 

Answer:

Explanation: 

Invoke-GPUpdate 

Schedule a remote Group Policy refresh (gpupdate) on the specified computer. Applies To: Windows Server 2012 R2 

The Invoke-GPUpdate cmdlet refreshes Group Policy settings, including security settings that are set on remote computers by scheduling the running of the Gpupdate command on a remote computer. You can combine this cmdlet in a scripted fashion to schedule the Gpupdate command on a group of computers. The refresh can be scheduled to immediately start a refresh of policy settings or wait for a specified period of time, up to a maximum of 31 days. To avoid putting a load on the network, the refresh times will be offset by a random delay. 

Note: Group Policy is a complicated infrastructure that enables you to apply policy settings to remotely configure a computer and user experience within a domain. When the Resultant Set of Policy settings does not conform to your expectations, a best practice is to first verify that the computer or user has received the latest policy settings. In previous versions of Windows, this was accomplished by having the user run GPUpdate.exe on their computer. With Windows Server 2012 R2 and Windows 8, you can remotely refresh Group Policy settings for all computers in an organizational unit (OU) from one central location by using the Group Policy Management Console (GPMC). Or you can use the Invoke-GPUpdate Windows PowerShell cmdlet to refresh Group Policy for a set of computers, including computers that are not within the OU structure—for example, if the computers are located in the default computers container. The remote Group Policy refresh updates all Group Policy settings, including security settings that are set on a group of remote computers, by using the functionality that is added to the context menu for an OU in the Group Policy Management Console (GPMC). When you select an OU to remotely refresh the Group Policy settings on all the computers in that OU, the following operations happen: 

. An Active Directory query returns a list of all computers that belong to that OU. 

. For each computer that belongs to the selected OU, a WMI call retrieves the list of signed in users. 

. A remote scheduled task is created to run GPUpdate.exe /force for each signed in user and once for the computer Group Policy refresh. The task is scheduled to run with a random delay of up to 10 minutes to decrease the load on the network traffic. This random delay cannot be configured when you use the GPMC, but you can configure the random delay for the scheduled task or set the scheduled task to run immediately when you use the Invoke-GPUpdate cmdlet. 

Reference: Force a Remote Group Policy Refresh (GPUpdate) 


Q79. Your network contains an Active Directory domain named contoso.com. All domain controllers run Windows Server 2012 R2. 

An organizational unit (OU) named OU1 contains 200 client computers that run Windows 8 Enterprise. A Group Policy object (GPO) named GPO1 is linked to OU1. 

You make a change to GPO1. 

You need to force all of the computers in OU1 to refresh their Group Policy settings immediately. The solution must minimize administrative effort. 

Which tool should you use? 

A. The Secedit command 

B. Group Policy Management Console (GPMC) 

C. Server Manager 

D. The Gpupdate command 

Answer:

Explanation: 

In the previous versions of Windows, this was accomplished by having the user run GPUpdate.exe on their computer. 

Starting with Windows Server. 2012 and Windows. 8, you can now remotely refresh Group Policy settings for all computers in an OU from one central location through the Group Policy Management Console (GPMC). Or you can use the Invoke-GPUpdatecmdlet to refresh Group Policy for a set of computers, not limited to the OU structure, for example, if the computers are located in the default computers container. 

http: //technet. microsoft. com/en-us//library/jj134201. aspx 

http: //blogs. technet. com/b/grouppolicy/archive/2012/11/27/group-policy-in-windows-server-2012-using-remote-gpupdate. aspx 


Q80. Your network contains an Active Directory domain named adatum.com. The domain contains a file server named Server1 that runs Windows Server 2012 R2. 

All client computers run Windows 7. 

You need to ensure that user settings are saved to \\Server1\Users\. 

What should you do? 

A. From the properties of each user account, configure the Home folder settings. 

B. From a Group Policy object (GPO), configure the Folder Redirection settings. 

C. From the properties of each user account, configure the User profile settings. 

D. From a Group Policy object (GPO), configure the Drive Maps preference. 

Answer:

Explanation: 

If a computer is running Windows 2000 Server or later on a network, users can store their profiles on the server. These profiles are called roaming user profiles.